Overview
Command summary. AI traffic, savings evidence, and governance posture for this workspace.
- Loading recent governance events…
Cost by Department
Requests by Model
Daily Usage — Last 30 Days
Requests
Live AI traffic flowing through Nizam Control. Filter events, inspect request evidence, and open Request Detail.
- Loading governance activity…
Audit Logs
Operational audit trail. AI requests passing through Nizam Control are reviewable and filterable in the dashboard.
| Time | User | Model | Dept | Tokens | Cost | Risk | Masked | Cache |
|---|
Alerts
Requests with sensitive data or risk signals detected. Detection is audit-backed — content is not modified.
| Time | User | Model | Risk Score | Masked Fields | Alert |
|---|
Activation Center
Connect a provider, create a Nizam API key, route your first request, and verify in Live Control Feed.
-
01Connect providerAdd an OpenAI-compatible provider credential. Provider keys stay server-side — never exposed to client applications.Required
-
02Create Nizam API keyClient applications authenticate with Nizam API keys (prefixRequired
nzm_live_ornzm_test_). Provider keys never leave the Edge service. -
03Send first requestRoute traffic through Nizam Edge usingRequired
Authorization: Bearer nzm_live_...— not your provider key. Use the demo traffic button to run test scenarios instantly. -
04Verify in Live Control FeedConfirm request attribution, provider status, Inspector evidence, and routing decisions in the control feed.Required
-
05Configure controlsSet workspace governance, output cap, token budget, Inspector, routing, or AutoFix controls.Recommended
Cost Analytics
AI spending breakdown by department and model
Department Breakdown
Model Breakdown
Department Summary
| Department | Requests | Tokens | Cost (USD) |
|---|
Budgets
Department-level spend policies. Workspace token budget lives in Governance · Token Budget.
Department Budget Policies
Configure per-department monthly spend caps. Caps apply to traffic attributed to the workspace's API keys.
Budget Activity — This Month
Audit-backed exposure for each department policy. Near budget ≥ 80% · Over budget ≥ 100%.
Savings Evidence
Aggregate value proof. Per-request evidence lives in Request Detail.
Top opportunities by category. Items are observe-only signals until a policy is applied.
- Observed — Nizam detected an opportunity or exposure. No request was modified.
- Estimated — Nizam estimated possible savings or exposure reduction. Estimates are not guaranteed.
- Applied — A policy action actually changed or constrained request behavior under workspace policy.
- Verified — Provider- or result-backed verification exists. Most categories cannot be verified today.
- Observe-only findings are opportunities, not realized savings. Per-request proof lives in Request Detail under
EconomicsandAutoFix Findings.
Review Queue
Operator review surface for Inspector, AutoFix, routing, and savings evidence. Feedback persistence is coming later.
Review Queue prepares operator feedback for future Inspector, AutoFix, routing, and savings verification workflows. Current feedback actions are not persisted yet.
Future feedback/evidence model fields. This is UI documentation only — these fields are not all currently stored in the database.
API Keys
Create Nizam API keys for client applications. Provider keys stay server-side in Providers.
Use Nizam API keys in your applications. These keys authenticate requests to Nizam Edge before they reach any provider. Provider keys (OpenAI, Anthropic, Groq, DeepSeek) stay server-side and are never returned to the dashboard or to your client.
- Loading…
Workspace Nizam API keys above are the primary client authentication path. Legacy/department key records are kept for compatibility until the attribution model is consolidated.
Issue Department Key Record
Department Key Records
| Name | Role | Department | API Key | Rate Limit | Status | Actions |
|---|
- Do not put provider keys in client code. Provider credentials (OpenAI, Anthropic, Groq, DeepSeek) belong on Providers, server-side only.
- Use Nizam API keys in client applications.
Authorization: Bearer nzm_live_... - Store provider credentials only on the Providers page. They are never returned to the dashboard or to your client.
- Rotate keys immediately if exposed. The one-time reveal cannot be repeated.
- Audit request attribution through Requests · Request Detail — every governed request records the workspace and API key id that authenticated it.
Users
Manage dashboard users and access
Add New User
All Users
| Name | Role | Department | Created | Action |
|---|
Playground
Test AI models through Nizam Control in real-time
Architecture
Request path and setup model. How Nizam Control sits between your applications and AI providers.
Request Flow
Integration — Route through Nizam Edge
Governance
Durable per-workspace policy controls. Conservative by default — changes affect how Nizam evaluates, observes, or controls AI traffic before provider forwarding.
max_tokens exceeds the configured Max Output Tokens will be clamped before forwarding. Requires Max Output Tokens to be set. Disabled by default — must be explicitly opted in per workspace.Observe — Inspector evaluates and records evidence only. No action is applied.
Preview only — Inspector shows what would be flagged. No action is applied.
Online — trusted workspace API-key requests may receive observe-only Inspector review when trigger conditions fire.
balanced — Recommended default. Reviews meaningful risk/cost/quality signals.
aggressive — More eager review. Higher observability, more overhead.
Providers
Connect server-side provider credentials. Client applications never receive provider keys.
Provider credentials are stored server-side and used by Nizam when forwarding trusted requests. Your application uses a Nizam API key — never a provider key directly.
Paste the provider API key here only. Do not use this key in client applications — your client should authenticate with a Nizam API key instead.
Only safe metadata is shown. Provider credentials remain server-side and are never returned to the dashboard.
provider_unreachable can be expected until provider credentials are added.
When a request is authenticated with a trusted Nizam API key, Nizam resolves the workspace provider configuration before forwarding. Until provider credentials are configured, provider_unreachable responses can be expected on the Edge; this is honest behavior and surfaces in Request Detail under Provider Failure.
Super Admin
All companies and global platform stats
Companies
| Company | Plan | Keys | Requests | Cost | Joined |
|---|